Deploying Apple Devices: What's new in 2024?
The Apple platform provides incredible value to businesses with its intuitive capabilities. Companies that offer Apple create a deeper employee engagement experience and drive IT efficiency, in some cases at a lower cost of ownership compared to other platforms.
Deployment of Apple continues to grow through enterprises of all sizes. In their JNUC session, titled Deploying Apple Devices, Christos Drosos and Jacob Dekkenga from Apple detailed some productivity features available with the latest operating systems to help employees become even more efficient and creative at work:
- iPhone mirroring, which allows for seamless engagement between iPhone and Mac. Users can access and browse frequently used iOS apps and review and respond to iPhone notifications.
- New window tiling, so employees can stay organized and easily arrange their desktops into a layout that works best for them; and enhancements to video conferencing on Mac.
In addition to accessing new features, Dekkenga pointed out that companies must consider upgrading to the latest macOS to maintain their security posture. Attackers exploit vulnerabilities to gain access to systems, elevate privileges, establish persistence, and move laterally within an organization. Unpatched vulnerabilities increase the risk as older versions may not address all security issues. When upgrading to macOS Sequoia, there are various options available to support different workflows and enhance flexibility.
To prepare for deploying macOS Sequoia, Drosos talked about Managed Apple accounts, formally known as Managed Apple IDs. These accounts provide access to various Apple services owned by an organization and can be created manually, through Apple Business Manager and Apple School Manager, or automatically federated with an identity provider. With macOS Sequoia, users have the option to convert their existing Apple account into a managed account or to leave it as personal.
Another common issue addressed by Drosos was the management of activation locks. Users with the role of administrator can now turn off the activation lock for organization-owned devices. This removes the need for administrators to contact Apple Care and simplifies reprovisioning of work profiles.
Automated Device Enrollment comes to Apple Vision Pro
Automated Device Enrollment is ideal for new and refreshed devices. This year, Automated Device Enrollment has come to Apple Vision Pro. With visionOS 2.0, teams will be able to automatically enroll into an MDM straight within the setup assistant, just like with any other Apple device.
In addition, IT admins will be able to require pending updates during the enrollment process, so that the update is downloaded and installed before enrollment can continue. MacOS 15 also adds support for passkeys and hardware security keys during enrollment, ideal for highly regulated industries or customers just looking for additional security.
For companies using manual device enrollment or BYOD, the process was made easier with the introduction of account-driven device enrollment, where users can sign in with their managed Apple ID in system settings. Organizational data is cryptographically separated from personal data and Single Sign-On can be used to avoid repeated authentication prompts.
This allows IT to configure settings and apps while keeping personal information private.
Managing Mac and mobile devices
With the new macOS Sequoia, software updates can now be managed entirely with Declarative Device Management.
New features have been introduced to increase user transparency. Installed system extensions can be viewed in system settings and administrators can disable and remove unwanted extensions. With platform SSO, developers can build SSO extensions that allow users to synchronize their local password with an identity provider.
This year, Apple introduced a new disc management configuration to manage external and network storage, which replaces deprecated media management payload.
For iOS and iPad OS, extension management features work for standard browsing and private browsing in Safari. These include defining which extensions are allowed, controlling which are always on or off, and managing access to websites by specific domains and or subdomains.
A new chapter in Apple innovation
Apple intelligence, coming in October, puts powerful generative models right at the core of iPhone, iPad, and Mac. Apple Intelligence is deeply integrated and draws on personal context to give users intelligence that's helpful and relevant to them.
This is a new chapter in Apple innovation, transforming what employees can do with devices and what devices can do for employees, with features such as system-wide writing tools, Image Playground, Enhanced Siri and ChatGPT integration. The outcome of this new technology draws on principles at the core of Apple products: it is powerful, intuitive and deeply integrated while recognizing user personal context and privacy. Some organizations may want to restrict the new features and can do so on Macs, iPhones and iPads.
The newly introduced Private Cloud Compute technology is designed to work with Apple Intelligence to maintain the privacy and security of devices. It runs on servers built specially with Apple silicon, protecting personal information when accessing server-based intelligence. User data is never stored or shared with Apple; it is used only to fulfill a single request.
Visit the Jamf blog for JNUC updates, sessions recaps and more!